Counterfeit IC threat evolves with spread of clone parts

The
better government and industry get at detecting counterfeit parts, the
better counterfeiters get at fooling detection techniques, especially
today with remanufactured or cloned parts adding to the threat. They are
an imminent threat as they can permeate military systems, from fighter
jets to nuclear submarines, and cause catastrophic failures.

Counterfeit components that find their way into the military supply chain could contaminate jet-fighter avionics, radar
systems, and nuclear submarines potentially causing cause loss of life.
They look exactly like legitimate integrated circuits (ICs), but have
not gone through the rigorous testing and qualification process for use
in military systems.

The U.S. government has
taken measures against the threat, including passing the National
Defense Authorization Act (NDAA) rule on the Detection and Avoidance of
Counterfeit Electronic Parts.
Millions of dollars are being spent by the military and industry to
mitigate this threat, but counterfeits continue to proliferate on the
open market and are only a click away on the Internet – all with the
potential to affect every area of life that depends on technology.

“Counterfeits
threaten every area of the electronics industry, from high-reliability
industry applications such as defense and aerospace, medical,
automotive, energy and telecom down to the entire commercial sector,”
says Tom Sharpe, Vice President of SMT Corp. (Sandy Hook, Connecticut;
www.smtcorp.com). “[It] is getting much worse as counterfeiters are not
only still producing traditional counterfeits – original component
manufacturer (OCM) devices which have been modified/altered and
misrepresented to appear as new and unused OCM devices – they are now
creating ever-increasing amounts of advanced counterfeits or clones,” he
continues. “In other words, they are creating their own parts which
unfortunately, are very similar physically and electrically to the real
OCM parts, which makes it easier for them to defeat the inspection
process. Clones, essentially, are a growing competitor in the open
market to authorized supplier sales.”

“The
counterfeiters are continuously improving their ability to counterfeit
product,” says Dan Deisz, Director of Design and Technology at Rochester
Electronics (Newburyport, Massachusetts; www.rocelec.com). “No longer
is it the case of them banging parts together then washing them over a
bucket in a river as portrayed in many media reports. That impression of
counterfeiters is still out there, but the reality is that these folks
have made real investments and are doing a far better job of not only
how they pull parts off of boards and how they re-mark products for what
we look for. They are carrying it one step further by cloning product and trying to make money off of their silicon instead of off the OCM’s product.”

Figure 1: Counterfeit parts that make their way
into a fighter jet like the F-16 could cause catastrophic failure of the
aircraft. (U.S. Air Force photo/Staff Sgt. Nick Wilson)

(Click graphic to zoom by 1.9x)

Much like cybercriminals, counterfeiters continuously evolve their techniques to sidestep every new detection method.

“Escalation
in detection capability and awareness within the electronics industry
over the past several years has predictably inspired the counterfeiters
to get better at what they do,” Sharpe explains. “SMT first detected
highly advanced clone devices back in 2012 and they have continued to
proliferate. We had to refocus our labs on understanding what this new
component threat looks like and how to reliably detect it. To do so, SMT
has invested heavily in additional high-end inspection equipment,
training, significant electrical testing capability, and qualified
component engineers.”

1) The wrong part in the
right package refurbished to “look” like the part. These don’t
work when put in the system, so the only real loss is the
procurement cost.

2) Product pulled
from electronic waste (Ewaste) that is the correct function, but is
refurbished and marked to reflect a different date code, part number,
screening level, etc. These are dangerous because they may work at room
temperature, at least for a short time. They always fail at the worst
possible moment, however, and may cause a loss of the system and
mission.

3) Parts that are new, and
look and act just like the originals, but they may be tainted to fail or
disrupt operation. These include the clones that have been surfacing
lately, which raises the question: What organization of counterfeiters
can afford to reverse engineer and fabricate these parts? How can they
expect to compete with the OCM manufacturer who has amortized the
engineering cost over hundreds of thousands of parts? Who is paying for
the overhead? A nation-state perhaps?”

Traditional counterfeits still out there

Although
industry is vigilant in its search for clones, the old threat of
traditional counterfeits still exist and must be guarded against (Figure
2).

“Traditional counterfeits are not
going away anytime soon,” Sharpe says. “China continues to turn a blind
eye to the rights of intellectual property (IP) holders and instead
provides a host country to a billion-dollar black-market industry for
the creation of counterfeit electronics. They will continue to produce
large quantities of crudely refurbished used parts as long as there is a
market who continues buying it.”

Government response to the threat

Authorized
suppliers are adept at policing themselves, but they can only do so
much. Only the U.S. government can enforce the laws and prosecute the
counterfeiters.

“The government writes new
laws, and has been chasing down and prosecuting more traffickers of
counterfeits, and has been seeking heavier penalties,” Mathiesen says.
“We will see just how much the justice system believes that knowingly
selling counterfeit parts to the Department of Defense (DoD) is really
an act of sabotage on a DoD weapon system. The most recent prosecution
is of a man named Peter Picone, who comes up for sentencing next month.
The severity of his sentence should tell us a lot about what the judges
will do in the future with these saboteurs.” [Editor’s note: Picone
reportedly acquired ICs from China and then sold them to the military
for use on U.S. Navy nuclear submarines, but before they were installed
they were discovered.]

“The DoD and major DoD
original equipment manufacturers (OEMs) are much better than others at
being vigilant and taking the necessary precautions to combat
counterfeits,” Deisz says. “The only time it gets squishy is when you go
to contract manufacturers (CMs) and they are incentivized to reduce
price. You can’t be sure of what shortcuts the CMs might take to meet
those price goals. DoD OEMs do far better jobs at filtering and limiting
choices as far as who they buy from, but unfortunately they still don’t
look everywhere for authorized solutions.

“There is still a part within the DoD where there is a wicked back and forth on how to manage obsolescence
in the supply chain,” Deisz states. The OEMs more or less “design in”
obsolescence up front and nothing has changed regardless of product
price and how much time they allow up front for design. However, the DoD
wants more flexibility in who they buy from and with price as they
continue to deal with budget-cut pressures, which creates the risk that
counterfeits may find their way into a DoD system.

“We
always assume it is the older technology systems where spare parts have
become obsolete, but that is not necessarily true,” Mathiesen says.
“Probably more than 50 percent of the counterfeit product found is parts
that are still in production at either the OCM or an authorized
aftermarket manufacturer. Counterfeits are not a manufacturing problem,
they are a procurement problem. If you don’t want to buy counterfeit
product, simply don’t buy them.”

“The
Counterfeit Components Avoidance Program (CCAP)-101 program is designed
to accept only new and unused components as the OCM shipped them,” says
Leon Hamiter, Consulting Engineer at Components Technology Institute
Inc. in Huntsville, Alabama, which offers the CCAP-101, www.cti-us.com).
“We don’t even allow re-tinning of the leads. If you do that you have
essentially destroyed the part as originally supplied.”

Defeating the threat

Defeating
the counterfeit threat will rely on new technology for detection,
cooperation with the authorities, and an ability to keep the
counterfeiters from learning about new detection methods.

“We
continue to work with the government on the advanced counterfeit
challenge, and share information at the right levels,” Sharpe says. “One
of the biggest problems with defeating traditional counterfeits has
been that each time a new detection method was publicized, the
counterfeiters were able to learn what wasn’t working and improve upon
it seemingly overnight. This public sharing of detection methods needs
to end with the highly advanced counterfeits of today – otherwise
we will continue to educate the bad guys.

“For
example, a new SAE test standard, AS6171, getting released by the end
of this year or shortly after, has already been defeated by clones, as
it is designed to detect traditional counterfeits,” he adds.

Don’t tell the enemy

During
World War II, the Allies kept the fact they broke Germany’s Enigma code
a secret at all costs, knowing that if the enemy found out, they could
change their codes and the war could go on much longer, costing
potentially millions of lives. Many in the semiconductor industry
believe that they need to take the same approach with counterfeit
detection techniques and stop publicizing their methods, because the
counterfeiters are watching and learning.

“The
continuously advancing clone threat will not be defeated by published
inspection standards but instead through closely-guarded new detection
technologies,” Sharpe says. “Over the past three years, Battelle Labs in
Columbus, Ohio, has done just that by developing the “Battelle
Barricade” system specifically to counter the advanced counterfeit
threat. I believe this highly-advanced detection system and others like
it will become part of standard mitigation processes in the years to
come.”

Barricade enables “nondestructive
authentication of electronic components from both trusted and untrusted
sources, enabling separation of cloned or counterfeit components from
authentic ones at a dramatically lower cost than alternative
methods,” according to a Battelle release (www.batelle.com).

The
system, which is made up of electronic component signal-acquisition
hardware and software, is installed at user sites. The validation
process for Barricade consists of placing the IC into a “chip socket in
the Barricade hardware to receive confirmation of authenticity or
detection of counterfeit or cloned components within seconds,” according
to the release. The system, applicable to both analog
and digital devices, determines authenticity based on electrical
signatures and a classification algorithm that creates identity
signatures for each class of chips in a given class of authentic
devices. Only a few authentic chips are necessary to enroll an entire
class of chips into the system. Battelle officials say that the process
can be performed at any point in the supply chain to reduce the risk of
counterfeit components as well as to address new regulations that may
arise for anticounterfeiting.

Trusted sources and proper testing

So what is the best approach for DoD OEMs and government agencies?

“Using
authorized suppliers wherever possible is the best answer to the
counterfeit threat,” Sharpe says. “Authorized suppliers such as Avnet,
Arrow, etc., and aftermarket ones like Rochester Electronics and
Lansdale Semiconductor are your best bets to mitigate this growing
threat. Clones have made it much more important now than it was five
years ago to work with the authorized part of the supply chain wherever
possible for components.”

“There are two
approaches for dealing with counterfeits: prevention or detection when
they do not have positive traceability to the OCM,” Hamiter says. “For
prevention you need the samples to be of consistent production with same
lot or date code and no signs of being reclaimed or remarked. Samples
are x-ray inspected and decaped to verify consistent internal
construction to see if the markings are consistent to the external
markings. When the date on a die shows it to be newer than the external
date code, assigned by the OCM makes it a clear counterfeit.

“A
typical counterfeit analysis practice starts by looking for markings
inside the package on the die. This requires a microscope with adequate
magnification to see the die markings and if the wire bonds of die
harvesting and repackaging,” he continues. “There are also tests that
can be done to see if the packaging material has the proper ESD
characteristics. If it does not then you should assume it has been
tampered with and declare it counterfeit as there may be ESD damage.”

“Part
of the insidious nature of clones is that they work at room temperature
but not in extreme hot and cold environments,” Deisz says. “If a user
doesn’t have the methodology to test beyond room temperature, they won’t
discover it doesn’t work till it gets in the field. Brokers don’t
necessarily have this advantage or capability, yet claim they never see
cloned counterfeit technology. How can they know?”

“Buy
authorized. Whether it be from the OCM, their authorized distributor,
or the authorized aftermarket manufacturer,” Mathiesen says. “There is
no 100-percent guarantee that any amount of nondestructive testing will
catch every type of counterfeit product, and 100-percent destructive
testing leaves you with nothing to use in your system. If you
procure product from the authorized chain, the odds of obtaining a
counterfeit product fall nearly to zero. If you buy product from the
broker market, the odds of buying a counterfeit increase dramatically.
If you absolutely cannot get the product through the authorized chain,
it may be time to redesign the system.”